Blog - Page 132 sur 635 - Kortex Consulting

28Mar 2025 by Webmaster

Multiples vulnérabilités dans le noyau Linux de SUSE (28 mars 2025) (CERT-FR)

Sécurité

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.

28Mar 2025 by Webmaster

Multiples vulnérabilités dans le noyau Linux de Red Hat (28 mars 2025) (CERT-FR)

Sécurité

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.

28Mar 2025 by Webmaster

Multiples vulnérabilités dans le noyau Linux d’Ubuntu (28 mars 2025) (CERT-FR)

Sécurité

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et un déni de service.

28Mar 2025 by Webmaster

Multiples vulnérabilités dans les produits IBM (28 mars 2025) (CERT-FR)

Sécurité

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

28Mar 2025 by Webmaster

Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA

Actualités

Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs. "The new vulnerabilities can be

28Mar 2025 by Webmaster

CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection

Actualités

Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that's designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader. "The purpose of the malware is to download and execute second-stage payloads while evading

28Mar 2025 by Webmaster

Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity

Actualités

Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable instant recovery to minimize downtime and data loss. This is

28Mar 2025 by Webmaster

PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps

Actualités

An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps. "PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices," Sophos security researcher Pankaj Kohli said in a Thursday analysis. PJobRAT, first

28Mar 2025 by Webmaster

Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability

Actualités

Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day. The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape. "Following the recent Chrome sandbox escape (

28Mar 2025 by Webmaster

Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

Actualités

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems. "Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers," Sonatype researcher Ax Sharma said. "However, [...] the latest